sentry-capacitor icon indicating copy to clipboard operation
sentry-capacitor copied to clipboard
verified publisher icon getsentry

Snyk security test

Open mwyld opened this issue 3 years ago • 1 comments

Environment

Capacitor version 4

Steps to Reproduce

  • Installed Snyk
  • Ran it against a project with this plugin

Expected Result

  • No security errors appear

Actual Result

Screenshot 2022-10-12 at 22 26 36 Screenshot 2022-10-12 at 22 27 09

mwyld avatar Oct 12 '22 21:10 mwyld

Thanks for the information.

Sounds like we should upgrade cli in wizard (and then wizard in capacitor), as the latest version of cli has [email protected] which I assume doesn't suffer from the ReDos.

krystofwoldrich avatar Oct 13 '22 11:10 krystofwoldrich

This issue has gone three weeks without activity. In another week, I will close it.

But! If you comment or otherwise update it, I will reset the clock, and if you label it Status: Backlog or Status: In Progress, I will leave it alone ... forever!

"A weed is but an unloved flower." ― Ella Wheeler Wilcox 🥀

github-actions[bot] avatar May 30 '23 00:05 github-actions[bot]

The offending dependencies (@sentry/[email protected]) have been removed starting at release 0.11.5

kahest avatar Oct 03 '23 13:10 kahest